TRANSPARENCY REPORT

NYGMA.AI

Last Updated: March 18, 2025

This Transparency Report provides information about government requests for user data received by Genie9 LTD (“Genie9”, “we”, “us”, or “our”), a company registered in England and Wales with company registration number 08669198, in connection with the Nygma.ai service (“Service”).

We are committed to transparency regarding government requests for user data and how we respond to such requests. This report explains our approach to handling these requests and the technical limitations imposed by our zero-knowledge encryption architecture.

1. INTRODUCTION

1.1 Purpose of This Report

To provide transparency about government requests for user data
To explain how our zero-knowledge architecture affects our responses
To outline our policies and procedures for handling such requests

1.2 Commitment to User Privacy

We design our systems to protect user privacy through technical means
We limit the data we collect to what is necessary to provide the Service
We implement zero-knowledge encryption to ensure we cannot access user content

1.3 Scope and Frequency

This report covers the period from service launch to March 18, 2025
We will update this report [quarterly/bi-annually/annually]
Future reports will include quantitative data on requests received

2. TYPES OF REQUESTS

2.1 Legal Process Types

Subpoenas: Legal orders that don’t typically require judicial review
Court Orders: Issued by a judge or magistrate
Search Warrants: Require judicial review and probable cause
National Security Requests: Including National Security Letters (NSLs) and FISA orders
Emergency Requests: Requests related to imminent harm

2.2 Jurisdictional Considerations

We are primarily subject to UK and EU legal jurisdictions
We evaluate requests from other jurisdictions based on international legal principles
We may challenge requests that do not follow appropriate legal channels

3. ZERO-KNOWLEDGE ARCHITECTURE AND ITS IMPLICATIONS

3.1 Technical Limitations

Our zero-knowledge encryption architecture means we do not have access to:
- The contents of user files
- File names
- Folder structures
- File metadata
All encryption and decryption occur locally on user devices
We never receive or store encryption keys

3.2 Data We Can Access

Basic account information (email address, name if provided)
Payment information processed through our payment provider
IP addresses and login timestamps
Encrypted data volumes (but not their contents)

3.3 Data We Cannot Provide

Decrypted contents of files stored in the Service
Decrypted file names or folder structures
User passwords or encryption keys
Ability to modify or delete specific files

4. OUR RESPONSE PROCESS

4.1 Legal Review

All requests are reviewed by legal counsel
We verify the validity and jurisdiction of each request
We ensure the request follows proper legal procedures
We narrow overly broad requests when possible

4.2 User Notification

We notify users about requests for their data when legally permitted
We delay notification only when legally required or in emergency situations
We work to lift non-disclosure orders where possible

4.3 Response Limitations

We can only provide data we have access to
We explicitly inform requesting authorities about our technical inability to provide decrypted content
We require valid legal process before providing any user data

5. WARRANT CANARY

As of March 18, 2025:

5.1 Genie9 states that:

We have not received any National Security Letters (NSLs)
We have not received any orders under the Foreign Intelligence Surveillance Act (FISA)
We have not received any gag orders that prevent us from stating that we have received legal process seeking user information
We have not been required to modify our systems to allow surveillance or monitoring by any government entity
We have not been subject to any government-compelled bulk data collection or surveillance

5.2 Canary Updates:

This warrant canary will be updated regularly
The absence of this canary in future transparency reports may indicate that we have received such orders
We are committed to fighting overly broad or inappropriate requests to the extent legally possible

6. STATISTICS ON GOVERNMENT REQUESTS

As Nygma.ai is a new service, this section provides our reporting framework for future transparency reports. In subsequent reports, we will include specific numbers for each category of request.

6.1 Reporting Categories:

Request Type: Subpoenas, Court Orders, Search Warrants, Emergency Requests, National Security Requests
Requesting Jurisdiction: Country/Region of requesting authority
Request Status: Received, Processed, Challenged, Rejected
Data Provided: Account Information, Payment Information, Usage Data, Encrypted Content, No Data
User Notification: Notified, Delayed Notification, No Notification

6.2 Current Reporting Period:

Period Covered: Service Launch to March 18, 2025
Total Requests Received: [Number]
Requests Where Some Data Was Provided: [Number]
Requests Where No Data Was Provided: [Number]
Users Notified: [Number]

6.3 Report Limitations:

Some requests may be subject to non-disclosure orders
National security requests may be reported only in broad ranges
Emergency requests may be handled differently due to their urgent nature

7. LAW ENFORCEMENT GUIDELINES

7.1 Accepted Legal Process

We require valid legal process before disclosing user data
Different types of data may require different levels of legal process
International requests should follow Mutual Legal Assistance Treaty (MLAT) procedures where applicable

7.2 Request Requirements

Requests must identify the specific Nygma.ai account
Requests must specify the information sought
Requests must have proper legal authorization
Requests must be issued by an appropriate government entity

7.3 Emergency Requests

We evaluate emergency requests involving imminent harm on a case-by-case basis
We may provide limited data in genuine emergencies without legal process
We require written documentation of the emergency even in urgent situations

7.4 Submitting Requests

Law enforcement agencies should submit requests to: legal@genie9.com
Physical submissions can be sent to: Genie9 LTD, 3 Shortlands, W6 8DA, London, United Kingdom
Questions about law enforcement requests can be directed to: legal@genie9.com

8. OUR LEGAL ADVOCACY

8.1 Request Challenges

We challenge requests that are overly broad or inappropriate
We push back on non-disclosure requirements when possible
We advocate for narrowing requests to minimize data disclosure

8.2 Policy Advocacy

We support privacy-protective legislation
We oppose government backdoors in encryption
We advocate for clear and transparent government data request processes
We support legal recognition of technical limitations in zero-knowledge systems

9. USER RESOURCES

9.1 Understanding Government Requests

Government authorities may request user data for legitimate purposes
Users should understand what data we can and cannot access
Our zero-knowledge architecture provides technical protections for your content

9.2 User Actions

Report suspicious emails claiming to be from Nygma.ai
Contact legal@genie9.com if you receive legal process related to your Nygma.ai account
Consult your own legal counsel if you have concerns about government requests

10. CHANGES TO THIS REPORT

10.1 Update Schedule

This report will be updated [quarterly/bi-annually/annually]
The next report will be published on [Date]

10.2 Notification of Changes

Material changes to our approach will be communicated in future reports
Updates to the warrant canary will be included in each report

11. LIMITATION OF LIABILITY

11.1 Liability Cap

IN NO EVENT SHALL GENIE9’S TOTAL LIABILITY TO YOU FOR ANY CLAIMS RELATED TO THIS TRANSPARENCY REPORT OR THE SUBJECT MATTER HEREOF EXCEED ONE HUNDRED U.S. DOLLARS ($100.00), REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT, OR OTHERWISE.

12. CONTACT INFORMATION

For questions about this Transparency Report, please contact:

Genie9 LTD
3 Shortlands
W6 8DA, London
United Kingdom
Email: legal@genie9.com

END OF TRANSPARENCY REPORT

Log in